@ -1,4 +1,4 @@
# MSCXXXX: Opportunistic user key pinning (TOFU)
# MSC3834: Opportunistic user key pinning (TOFU)
In the Matrix spec at present, there are no real provisions for
properly authenticating devices belonging to other users, aside from
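Review bot: The retitled heading still gives the acronym TOFU only in parentheses, and the two introduction lines visible in this hunk do not expand it. Since the title line is being changed anyway, consider spelling it out once, for example "Opportunistic user key pinning (trust on first use, TOFU)", unless the introduction already does so further down.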
@ -104,13 +104,13 @@ is dropping messages.
This proposal does not add any new API endpoints, but does add some
new fields and message types to existing data structures. These field
names and message types will be prefixed with `org.matrix.mscXXXX.v1`.
names and message types will be prefixed with `org.matrix.msc3834.v1`.
Test implementations can identify the TSK as
`org.matrix.mscXXXX.v1.cross_signing.tofu_signing`, use the optional
field `org.matrix.mscXXXX.v1.tofu_signing_key` for the
`org.matrix.msc3834.v1.cross_signing.tofu_signing`, use the optional
field `org.matrix.msc3834.v1.tofu_signing_key` for the
`keys/device_signing/upload` endpoint, and use the message types
`org.matrix.mscXXXX.v1.signatures_hash_request` and
`org.matrix.mscXXXX.v1.signatures_hash` for exchanging hashes of the
`org.matrix.msc3834.v1.signatures_hash_request` and
`org.matrix.msc3834.v1.signatures_hash` for exchanging hashes of the
set of cross-signing signatures.
## Migration notes
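Review bot: The sentence "These field names and message types will be prefixed with `org.matrix.msc3834.v1`" does not cover the first identifier listed after it: `org.matrix.msc3834.v1.cross_signing.tofu_signing` is how the TSK is identified, which is neither a field name nor a message type. Suggest widening the wording to something like "These identifiers will be prefixed with `org.matrix.msc3834.v1`". The paragraph also lists only the prefixed test names; stating the unprefixed name each one maps to, here or under "Migration notes", would save implementers from guessing. It is also worth confirming that no `mscXXXX` placeholder remains outside these two hunks.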